Route Origin Authorization

$ rpki-client -vvf repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132342e302f32342d3234203d3e203237383233.roa
File:                     3230302e35382e3132342e302f32342d3234203d3e203237383233.roa (raw, json)
Hash identifier:          bVr1D1vokR/vo/0lYY8+cONKbInBATJeTNFVcgzQjL4=
Subject key identifier:   2B:0A:A9:DD:66:A3:40:33:E3:82:8D:8A:17:0B:A5:92:12:DC:CD:F5
Certificate issuer:       /CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
Certificate serial:       3829C6CDE0DCA999766D0E03736EA6776068033C
Authority key identifier: A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80
Authority info access:    rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
Subject info access:      rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132342e302f32342d3234203d3e203237383233.roa
Signing time:             Tue 04 Feb 2025 18:08:17 +0000
ROA not before:           Tue 04 Feb 2025 18:03:17 +0000
ROA not after:            Tue 03 Feb 2026 18:08:17 +0000
asID:                     27823
IP address blocks:        200.58.124.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl
                          rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.mft
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/BCC0665ECF8A97B83E398268D92A255BAE661816.mft
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/BCC0665ECF8A97B83E398268D92A255BAE661816.cer
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.crl
                          rsync://repository.lacnic.net/rpki/lacnic/E5AA1B2C690D34DD3A42E0C0268C3218ED158E15D29FCBD0BAB66B4786D632E6/0/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.mft
                          rsync://repository.lacnic.net/rpki/lacnic/946DAE8464E7C581E9BA5787F74CBDA9DCF6F8CD.cer
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.crl
                          rsync://repository.lacnic.net/rpki/lacnic/FC8A9CB3ED184E17D30EEA1E0FA7615CE4B1AF47.mft
                          rsync://repository.lacnic.net/rpki/lacnic/rta-lacnic-rpki.cer
Signature path expires:   Fri 11 Apr 2025 09:07:07 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            38:29:c6:cd:e0:dc:a9:99:76:6d:0e:03:73:6e:a6:77:60:68:03:3c
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=A5C31DCA4062FBA8FF4175C518EF2246CF570D80
        Validity
            Not Before: Feb  4 18:03:17 2025 GMT
            Not After : Feb  3 18:08:17 2026 GMT
        Subject: CN=2B0AA9DD66A34033E3828D8A170BA59212DCCDF5
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:de:a3:91:cf:a3:e2:95:87:39:b6:50:e8:f2:de:
                    fc:f8:1d:47:a1:b1:14:1b:3b:56:ca:95:2d:b3:d5:
                    1f:15:d8:43:2f:84:3f:25:e0:89:32:4b:5d:5e:d4:
                    54:49:fe:8c:44:84:da:15:61:6d:58:c5:5d:95:ec:
                    4b:bf:04:42:d7:24:0b:d0:96:b3:7d:3d:c7:86:dd:
                    a7:62:9c:6f:c6:6a:f7:d2:6b:b5:15:0b:9c:64:a9:
                    7f:ee:b4:4f:26:be:b2:04:aa:77:47:b1:5c:86:18:
                    75:51:8d:ae:a6:c8:70:73:17:06:6c:a9:cf:42:4a:
                    81:fe:2e:8f:ce:5f:6d:3e:03:e3:b8:80:8a:0a:c7:
                    a4:72:e5:d4:d4:df:44:a7:c5:13:b3:ef:4d:68:4c:
                    bc:34:e3:b2:63:00:7d:4c:54:27:db:5c:cb:3a:59:
                    67:5d:2c:08:42:fa:7d:2b:de:81:3f:f8:65:14:9e:
                    80:a5:54:2a:da:84:6d:56:86:f6:98:91:0e:4f:00:
                    8a:30:5a:a1:11:47:69:04:f5:6b:3c:e8:2a:46:ca:
                    af:90:a7:6a:d6:a0:98:bb:7c:65:a1:f9:45:fb:f5:
                    a6:a5:1e:2c:98:17:e0:fe:de:c2:bc:fb:6d:ff:df:
                    5a:1e:e3:83:c6:80:90:05:8a:89:38:ff:71:d6:7f:
                    c4:61
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                2B:0A:A9:DD:66:A3:40:33:E3:82:8D:8A:17:0B:A5:92:12:DC:CD:F5
            X509v3 Authority Key Identifier:
                keyid:A5:C3:1D:CA:40:62:FB:A8:FF:41:75:C5:18:EF:22:46:CF:57:0D:80

            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.crl

            Authority Information Access:
                CA Issuers - URI:rsync://repository.lacnic.net/rpki/lacnic/FDC3594DD4E54BADE709AC0D255CF279C47716D2E8B3F4D45DC46355899B36D4/0/A5C31DCA4062FBA8FF4175C518EF2246CF570D80.cer

            Subject Information Access:
                Signed Object - URI:rsync://repository.lacnic.net/rpki/lacnic/16B1B57B19B743C1E0B67DC5020E769FF697D5D8FE67645443C0170A59A628F4/0/3230302e35382e3132342e302f32342d3234203d3e203237383233.roa

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  200.58.124.0/24

    Signature Algorithm: sha256WithRSAEncryption
         98:e3:28:73:99:b3:b2:ac:17:2b:64:2a:b1:1a:d6:83:cc:a0:
         73:62:ab:6c:15:fe:3a:ee:ff:6f:ab:d9:f1:98:24:f4:8a:f8:
         94:94:a5:82:52:16:73:e4:fe:4a:4d:f8:97:70:52:83:d0:83:
         51:40:92:43:cc:3d:3f:06:39:6f:7e:0d:4d:aa:38:90:66:69:
         d4:18:06:6b:e3:38:c8:fd:54:9e:ec:20:70:66:b6:02:2e:ca:
         f8:ca:a6:d4:43:7b:f7:36:cb:e9:17:a3:c9:29:df:b6:9e:2e:
         e0:cb:59:19:35:3c:32:e2:19:07:5d:09:5d:98:ec:0a:76:d4:
         34:9d:f3:74:85:41:e9:d5:d4:fc:55:d6:4a:ab:28:02:3f:a5:
         19:41:9a:c9:b3:f4:87:3c:8a:3f:c3:29:8c:ad:91:7e:ae:b3:
         58:3c:f5:49:e6:ee:74:b0:08:45:ae:df:36:16:d5:4d:b2:66:
         47:4d:94:91:df:e8:31:9a:8b:9f:35:ad:d5:93:90:4a:5e:27:
         00:ad:e6:25:50:b7:93:bc:03:e8:6d:bd:50:22:11:75:84:b3:
         eb:96:9b:69:70:90:7c:3c:68:06:13:50:9a:a9:7c:2d:aa:7f:
         38:45:d4:b3:3f:3b:2e:92:bb:1e:63:07:f3:9f:f8:0a:2b:a1:
         e9:80:68:b4
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgIUOCnGzeDcqZl2bQ4Dc26md2BoAzwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoQTVDMzFEQ0E0MDYyRkJBOEZGNDE3NUM1MThFRjIyNDZD
RjU3MEQ4MDAeFw0yNTAyMDQxODAzMTdaFw0yNjAyMDMxODA4MTdaMDMxMTAvBgNV
BAMTKDJCMEFBOURENjZBMzQwMzNFMzgyOEQ4QTE3MEJBNTkyMTJEQ0NERjUwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeo5HPo+KVhzm2UOjy3vz4HUeh
sRQbO1bKlS2z1R8V2EMvhD8l4IkyS11e1FRJ/oxEhNoVYW1YxV2V7Eu/BELXJAvQ
lrN9PceG3adinG/GavfSa7UVC5xkqX/utE8mvrIEqndHsVyGGHVRja6myHBzFwZs
qc9CSoH+Lo/OX20+A+O4gIoKx6Ry5dTU30SnxROz701oTLw047JjAH1MVCfbXMs6
WWddLAhC+n0r3oE/+GUUnoClVCrahG1WhvaYkQ5PAIowWqERR2kE9Ws86CpGyq+Q
p2rWoJi7fGWh+UX79aalHiyYF+D+3sK8+23/31oe44PGgJAFiok4/3HWf8RhAgMB
AAGjggLIMIICxDAdBgNVHQ4EFgQUKwqp3WajQDPjgo2KFwulkhLczfUwHwYDVR0j
BBgwFoAUpcMdykBi+6j/QXXFGO8iRs9XDYAwDgYDVR0PAQH/BAQDAgeAMIGwBgNV
HR8EgagwgaUwgaKggZ+ggZyGgZlyc3luYzovL3JlcG9zaXRvcnkubGFjbmljLm5l
dC9ycGtpL2xhY25pYy8xNkIxQjU3QjE5Qjc0M0MxRTBCNjdEQzUwMjBFNzY5RkY2
OTdENUQ4RkU2NzY0NTQ0M0MwMTcwQTU5QTYyOEY0LzAvQTVDMzFEQ0E0MDYyRkJB
OEZGNDE3NUM1MThFRjIyNDZDRjU3MEQ4MC5jcmwwgbkGCCsGAQUFBwEBBIGsMIGp
MIGmBggrBgEFBQcwAoaBmXJzeW5jOi8vcmVwb3NpdG9yeS5sYWNuaWMubmV0L3Jw
a2kvbGFjbmljL0ZEQzM1OTRERDRFNTRCQURFNzA5QUMwRDI1NUNGMjc5QzQ3NzE2
RDJFOEIzRjRENDVEQzQ2MzU1ODk5QjM2RDQvMC9BNUMzMURDQTQwNjJGQkE4RkY0
MTc1QzUxOEVGMjI0NkNGNTcwRDgwLmNlcjCBxwYIKwYBBQUHAQsEgbowgbcwgbQG
CCsGAQUFBzALhoGncnN5bmM6Ly9yZXBvc2l0b3J5LmxhY25pYy5uZXQvcnBraS9s
YWNuaWMvMTZCMUI1N0IxOUI3NDNDMUUwQjY3REM1MDIwRTc2OUZGNjk3RDVEOEZF
Njc2NDU0NDNDMDE3MEE1OUE2MjhGNC8wLzMyMzAzMDJlMzUzODJlMzEzMjM0MmUz
MDJmMzIzNDJkMzIzNDIwM2QzZTIwMzIzNzM4MzIzMy5yb2EwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMg6fDAN
BgkqhkiG9w0BAQsFAAOCAQEAmOMoc5mzsqwXK2QqsRrWg8ygc2KrbBX+Ou7/b6vZ
8Zgk9Ir4lJSlglIWc+T+Sk34l3BSg9CDUUCSQ8w9PwY5b34NTao4kGZp1BgGa+M4
yP1UnuwgcGa2Ai7K+Mqm1EN79zbL6RejySnftp4u4MtZGTU8MuIZB10JXZjsCnbU
NJ3zdIVB6dXU/FXWSqsoAj+lGUGaybP0hzyKP8MpjK2Rfq6zWDz1SebudLAIRa7f
NhbVTbJmR02Ukd/oMZqLnzWt1ZOQSl4nAK3mJVC3k7wD6G29UCIRdYSz65abaXCQ
fDxoBhNQmql8Lap/OEXUsz87LpK7HmMH85/4Ciuh6YBotA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 17:50:58 2025 by rpki-client